去掉url中的 jsessionid
一: jsessionid 简介:
因为Session默认是需要Cookie支持的 有些客户浏览器是关闭Cookie的,
这个时候就需要在URL中指定服务器上的jssessionid标识.如果你的web应用带有 jsessionid ,首先你的web应用不安全,而且也不利于 SEO (亦不美观).
二: Java代码:
import javax.servlet.*;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpServletResponseWrapper;import javax.servlet.http.HttpSession;import java.io.IOException;public class DisableUrlSessionFilter implements Filter {public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {if (!(request instanceof HttpServletRequest)) {chain.doFilter(request, response);return;}HttpServletRequest httpRequest = (HttpServletRequest) request;HttpServletResponse httpResponse = (HttpServletResponse) response;if (httpRequest.isRequestedSessionIdFromURL()) {HttpSession session = httpRequest.getSession();if (session != null)session.invalidate();}// wrap response to remove URL encodingHttpServletResponseWrapper wrappedResponse = new HttpServletResponseWrapper(httpResponse) {@Overridepublic String encodeRedirectUrl(String url) {return url;}public String encodeRedirectURL(String url) {return url;}public String encodeUrl(String url) {return url;}public String encodeURL(String url) {return url;}};chain.doFilter(request, wrappedResponse);}public void init(FilterConfig config) throws ServletException {}public void destroy() {}}<filter> <filter-name>jsessionid</filter-name> <filter-class> xinyu.filter.DisableUrlSessionFilter </filter-class></filter><filter-mapping> <filter-name>jsessionid</filter-name> <url-pattern>/*</url-pattern></filter-mapping>